package com.baizhi.cmfz.config;

import com.baizhi.cmfz.realm.AuthorRealm;
import com.baizhi.cmfz.realm.DatabaseRealm;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    //配置过滤器工厂
    //@Bean 注解会自动为参数装配值
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //配置过滤规则 配置过滤器链
        Map map = new HashMap();
        /*
        anon 表示可以匿名访问，不需要登录就可以访问的级别
        authc 表示需要认证才能访问
         */
        map.put("/user/login.jsp","anon");
        map.put("/admin/*","anon");
        map.put("/jsp/*","authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        //修改过滤器拦截之后跳转到登录界面
        shiroFilterFactoryBean.setLoginUrl("/user/login.jsp");
        //设置一个安全管理器
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        return shiroFilterFactoryBean;
    }
    /**
     * 获取安全管理器，需要将自定义的realm放进安全管理器中
     * @param authorRealm
     * @return
     */
    @Bean
    public SecurityManager getSecurityManager(AuthorRealm authorRealm) {
        DefaultWebSecurityManager defaultSecurityManager = new DefaultWebSecurityManager();
        //设置realm
        defaultSecurityManager.setRealm(authorRealm);
        return defaultSecurityManager;
    }

    //获取自定义的从数据库中获取验证信息的realm
    @Bean
    public AuthorRealm getDatabaseRealm() {
        return new AuthorRealm();
    }

    /**
     * 开启shiro AOP注解 注解式的授权才生效
     * @param securityManager
     * @return
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }
}
/*
@Configuration
class ShiroConf{
    //配置过滤器 需要用到安全管理器
    @Bean
    public ShiroFilterFactoryBean getShiroFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //配置过滤什么不过滤什么 以及放入过滤链
        */
/*
        anon 表示是可以匿名访问 不需要认证
        authc 需要认证才可以访问
         *//*

        Map map = new HashMap();
        map.put("/user/login.jsp","anon");
        map.put("/user/login.jsp","anon");
        map.put("/jsp/menu.jsp","authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        return shiroFilterFactoryBean;
    }
    //获取一个securityManager对象 需要将自定义的领域放进安全管理器
    @Bean
    public SecurityManager getSecurityManager(DatabaseRealm databaseRealm) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(databaseRealm);
        return defaultWebSecurityManager;
    }
    //获取验证领域对象装配给安全管理器
    @Bean
    public DatabaseRealm getDatabaseRealm() {
        return new DatabaseRealm();
    }
}*/
